I’ve devoted quite a bit of space on this blog to cyber security. I have taken the position that government and the private sector should restrict employees and managers from accessing enterprise computing resources with personal laptops, desktops or smart devices. Personal devices whether using a VPN (virtual private network) or security tokens must be taboo on business or government networks, servers or other resources. Furthermore, no employee or manager should be allowed to use a government or company laptop, desktop or smart device for personal use.
The Phishing email above is one of the better one’s I’ve seen. Sentence structure, adjective/noun order is very good ( in most languages the adjective follows the noun it modifies. Not so in English.) Even the way the information is presented is quite good. The only way to see that it’s a phishing email is by looking at the message header details. This particular email appears to have originated in Finland, but there’s no real way to make that assessment by an individual. It could have originated in Eastern Europe using a proxy in Finland.
The majority of cyber attacks start with phishing emails targeting individuals. Once the individual takes the bait there is a slew of weapons used; malware, keyboard loggers and more sophisticated devices. If the victim then accesses his employers computing resources, he or she has just opened the organization to a cyber attack.